<?php
session_start();
require_once __DIR__.'/../../utils/checkTokenUtils.php';
require_once __DIR__ . '/../../utils/MysqlDBUtils.php';
use  utils\MysqlDBUtils;

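// Handles the "update category" form post: validates the submitted fields,
// updates the matching book_category row, then redirects back to
// Categories.php with a flash message stored in the session.
// NOTE(review): no CSRF-token or authorization check is visible in this script;
// presumably checkTokenUtils.php (required above) enforces one on include — confirm.

if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    http_response_code(405);
    // A 405 response should tell the client which method is accepted.
    header('Allow: POST');
    die("错误：仅支持POST请求");
}

// --- Input validation -------------------------------------------------------
// FILTER_VALIDATE_INT rejects arrays, non-numeric text and values below 1.
// intval() would turn a non-empty array (id[]=x) into 1 and "12abc" into 12,
// silently pointing the UPDATE at a row the caller never named.
$rawId = isset($_POST['id']) ? $_POST['id'] : null;
$id = filter_var($rawId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);

// Only accept plain strings: trim() on an array parameter (categoryName[]=x)
// raises a TypeError on PHP 8 instead of producing a clean validation error.
$categoryName = (isset($_POST['categoryName']) && is_string($_POST['categoryName']))
    ? trim($_POST['categoryName'])
    : '';
$description = (isset($_POST['description']) && is_string($_POST['description']))
    ? trim($_POST['description'])
    : '';

// Compare against '' rather than using empty(), which also rejects the
// legitimate value "0".
if ($id === false || $categoryName === '' || $description === '') {
    // Store the message under a key. Assigning a string to $_SESSION itself
    // would replace the whole session array and drop all other session data.
    $_SESSION['error_message'] = '错误：分类名称、ID、描述不能为空';
    // Stop here so invalid input never reaches the UPDATE below.
    header("Location:Categories.php");
    exit;
}

// --- Database update --------------------------------------------------------
$dbUtil = new MysqlDBUtils();

$escapedCategoryName = $dbUtil->escapeString($categoryName);
$escapedDescription = $dbUtil->escapeString($description);

// The id sits in an unquoted numeric context, where string escaping gives no
// protection; it is safe only because it is a validated integer, and %d keeps
// it one.
// NOTE(review): prepareQuery() receives a fully assembled SQL string here. If
// MysqlDBUtils can bind parameters, prefer that over escapeString() plus
// interpolation — confirm against the helper.
$updateSql = sprintf(
    "UPDATE book_category SET category_name='%s',description='%s' WHERE id=%d",
    $escapedCategoryName,
    $escapedDescription,
    $id
);

$result = $dbUtil->prepareQuery($updateSql);

if ($result !== false) {
    $_SESSION['success_message'] = '分类更新成功';
} else {
    $_SESSION['error_message'] = '错误：数据库更新失败';
}

header("Location:Categories.php");
exit;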
?>
